Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0514 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 7.2 HIGH | N/A |
| Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." | |||||
| CVE-2004-1089 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-11 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users. | |||||
| CVE-2004-1084 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-11 | 5.0 MEDIUM | N/A |
| Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. | |||||
| CVE-2004-1085 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-11 | 2.1 LOW | N/A |
| Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode. | |||||
| CVE-2004-0824 | 1 Apple | 1 Mac Os X | 2017-07-11 | 2.1 LOW | N/A |
| PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files. | |||||
| CVE-2004-0822 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 7.2 HIGH | N/A |
| Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. | |||||
| CVE-2004-1081 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-11 | 2.1 LOW | N/A |
| The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session. | |||||
| CVE-2004-0744 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 5.0 MEDIUM | N/A |
| The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet. | |||||
| CVE-2004-0516 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517. | |||||
| CVE-2004-0821 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 7.2 HIGH | N/A |
| The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow local users to gain privileges. | |||||
| CVE-2004-0743 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 5.0 MEDIUM | N/A |
| Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after the POST data and the user uses the forward or backward buttons, which may cause an information leak. | |||||
| CVE-2004-0485 | 1 Apple | 1 Mac Os X | 2017-07-11 | 5.0 MEDIUM | N/A |
| The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers to write arbitrary files by causing a disk image file (.dmg) to be mounted as a disk volume. | |||||
| CVE-2004-0486 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 7.6 HIGH | N/A |
| HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler. | |||||
| CVE-2003-0877 | 1 Apple | 1 Mac Os X | 2017-07-11 | 4.6 MEDIUM | N/A |
| Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory. | |||||
| CVE-2003-0975 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2017-07-11 | 5.0 MEDIUM | N/A |
| Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | |||||
| CVE-2002-1368 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2017-07-11 | 7.5 HIGH | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding. | |||||
| CVE-2004-0166 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Safari web browser for Mac OS X 10.2.8 related to "the display of URLs in the status bar." | |||||
| CVE-2003-1009 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 10.0 HIGH | N/A |
| Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges. | |||||
| CVE-2003-1008 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application. | |||||
| CVE-2003-1007 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 5.0 MEDIUM | N/A |
| AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed requests, with unknown impact. | |||||